JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.23

104.207.35.23 was found in our database!

This IP was reported 103 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.23

Whois 104.207.35.23

IP Abuse Reports for 104.207.35.23:

This IP address has been reported a total of 103 times from 22 distinct sources. 104.207.35.23 was first reported on June 11th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 myagent.site	2026-01-13 11:56:12 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2025-12-27 08:00:18 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇩🇪 HandyTreff.de	2025-12-23 05:47:21 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -23.375 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -23.375 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Ya show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 16:13:03 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 11:12:59.373902 2025] [security2:error] [pid 6680:tid 6680] [client 104.207.35.23:38975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaylamaclaincounseling.com"] [uri "/.svn/wc.db"] [unique_id "aTmcC8QTtswkvugTfHtNxgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 05:22:41 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 00:22:36.339698 2025] [security2:error] [pid 31194:tid 31194] [client 104.207.35.23:21507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "polarfoxinno.com"] [uri "/.svn/wc.db"] [unique_id "aTZgnNeE8PYglX2BBF05eAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 00:42:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 19:42:32.033063 2025] [security2:error] [pid 19291:tid 19291] [client 104.207.35.23:11597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scifitimeline.com"] [uri "/.env"] [unique_id "aTYe-AhGaw_jh1VleXJ0BAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-07 23:31:37 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇳🇱 i-turnradio.nl	2025-12-06 21:58:18 (6 months ago)	2025-12-06 @ 22:58:17 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:20:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:20:22.991453 2025] [security2:error] [pid 13171:tid 13171] [client 104.207.35.23:9783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "srossi.net"] [uri "/.svn/wc.db"] [unique_id "aTQtlgtG88YkXg8BpqUTqQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 14:00:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:00:41.119028 2025] [security2:error] [pid 4074:tid 4074] [client 104.207.35.23:14193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hangrypandas.com"] [uri "/.svn/wc.db"] [unique_id "aTLliRT7GCeyCK30-NwxcgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:08:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:08:31.039026 2025] [security2:error] [pid 25865:tid 25865] [client 104.207.35.23:52589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bewdleypizza.com"] [uri "/.git/HEAD"] [unique_id "aTKS_y2yWt7hWPNAtu8u5gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:01:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:01:51.917150 2025] [security2:error] [pid 25816:tid 25816] [client 104.207.35.23:31431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "36hoursonly.com"] [uri "/.svn/wc.db"] [unique_id "aTKDXwb1kP_q_qH6yAeDKAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 23:54:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 18:54:10.823206 2025] [security2:error] [pid 8029:tid 8029] [client 104.207.35.23:17027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sirio-b.com"] [uri "/.svn/wc.db"] [unique_id "aTIfIgzk6kvtHl0TBNlGTwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 14:00:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 09:00:25.263568 2025] [security2:error] [pid 3632:tid 3632] [client 104.207.35.23:50699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "louiemobilemixology.com"] [uri "/.svn/wc.db"] [unique_id "aS7w-UUKP3fYIHSvMGjgFgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:27:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:27:47.604113 2025] [security2:error] [pid 17226:tid 17226] [client 104.207.35.23:22891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mywheatgrass.com"] [uri "/.git/HEAD"] [unique_id "aS6U84I6bBGlPyOza0VLuwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 103 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.139

🇻🇳 160.187.147.124

🇨🇳 111.17.199.57

🇻🇳 103.161.170.12

🇷🇴 92.118.39.62

🇧🇬 91.191.209.46

🇱🇹 81.30.98.142

🇺🇸 71.6.199.65

🇫🇮 65.21.46.73

🇧🇪 34.78.179.50

🇺🇸 2604:a880:400:d1:0:4:8bf6:1001

🇧🇷 200.108.174.4

🇺🇸 195.184.76.223

🇷🇺 193.227.241.194

🇰🇿 185.217.188.132

🇩🇪 167.99.247.43

🇩🇪 167.94.146.32

🇭🇰 103.103.245.61

🇫🇷 85.217.140.24

🇺🇸 66.132.172.209